Payment services have become both more convenient and more secure over recent years — but cybercriminals are still managing to steal funds from cards all around the world. What are the most common methods used for such theft, and how can you counteract them? Card cloning When cards only stored information on a show more ...
A video-enabled smart intercom made by Chinese company Akuvox has major security vulnerabilities that allow audio and video spying, and the company has so far been unresponsive to the discoveries.
With the rise of cybercriminals targeting online piracy, this year's Oscar-nom fans need to be especially careful not to download malicious files while attempting to watch popular films for free.
If the proposed rule is approved, organizations would need to disclose all data breaches, even one that does not cause any harm, to affected customers.
Between March 3 and March 9, at least 2,000 people a day downloaded the malicious "Quick access to ChatGPT" Chrome extension from the Google Play app store.
BlackLotus is the first in-the-wild malware to exploit a vulnerability in the Secure Boot process on Windows, and experts expect copycats and imminent increased activity.
CISOs' ability to pivot tight budgets is key to defense plans that can stand up to attackers.
A novel take on investment scams mixes romance and the lure of crypto riches to con targets out of "the whole hog" of their assets.
Hackers are increasingly tantalized by the troves of sensitive data held by lightly protected law firms and legal services organizations.
Tracked as CVE-2023-20049 (CVSS score of 8.6), the vulnerability impacts the bidirectional forwarding detection (BFD) hardware offload feature for the platform and can be exploited remotely, without authentication.
The CISO of Swiss cybersecurity firm Acronis has acknowledged a breach of the company’s systems but stated the incident only impacted a single customer and that all other data remains safe.
Of the vulnerabilities that VulnCheck believes have been exploited in attacks but have not been added to CISA’s KEV catalog, 64% are related to botnets, followed by threat actors (12%) and ransomware (10%) — the rest are unattributed.
BianLian noted in a post on its data leak site that it was able to exfiltrate 350GB worth of data from Waynesboro's network, including file server data and public relations documents, as well as internal police station file server files.
The UK-based digital identity company, led by CEO Robin Tombs, intends to use the funds to develop its technology that protects customers’ identities and personal data online.
In recent weeks, SentinelLabs observed novel Linux versions of IceFire ransomware being deployed within the enterprise network intrusions of several media and entertainment sector organizations worldwide.
"Customer Proprietary Network Information from some wireless accounts was exposed, such as the number of lines on an account or wireless rate plan," AT&T told BleepingComputer.
A healthcare revenue cycle management software vendor is facing a proposed class action lawsuit in the aftermath of a December 2022 data exfiltration attack affecting nearly 251,000 patients.
CHS has been working "diligently" to determine an accurate number of individuals affected by the Fortra Incident, both overall and for the state of Maine, the report to the attorney general says.
"By removing the NetWire RAT, the FBI has impacted the criminal cyber ecosystem," Donald Alway, the assistant director in charge of the FBI's Los Angeles field office, declared in a statement.
Black & McDonald did not respond to repeated requests for comment, but a spokesperson for Canada’s Department of National Defence told The Record that it was aware of a ransomware attack on the company.
Zscaler ThreatLabz has identified significant code similarities between Nevada and Nokoyawa ransomware including debug strings, command-line arguments, and encryption algorithms
A North Korean espionage group tracked as UNC2970 has been observed employing previously undocumented malware families as part of a spear-phishing campaign targeting U.S. and European media and technology organizations since June 2022.
About 92% of organizations have fallen victim to successful phishing attacks in the last 12 months, while 91% of organizations have admitted to experiencing email data loss, according to Egress.
The company pointed out that the attack was intense and short-lived, with most attack traffic bursting during the peak minute of the attack. The overall attack lasted only a few minutes.
In 2022 there was a significant increase in API-related CVEs, growing +78% from H1 to H2. Although growth has stabilized over the past two quarters, the research team at Wallarm expects an increase in 2023.
Named "Xenomorph 3rd generation" by the Hadoken Security Group, the threat actor behind the operation, the updated version comes with new features that allow it to perform financial fraud in a seamless manner.
The Imperva Red Team discovered a vulnerability affecting the world’s largest NFT marketplace, OpenSea. It is a cross-site search (XS-Search) vulnerability that can be exploited by an attacker to obtain a user’s identity.
The budget proposes $3.1 billion for the CISA. This includes “$98 million to implement the Cyber Incident Reporting for Critical Infrastructure Act,” as well as “$425 million to improve CISA’s internal cybersecurity and analytical capabilities.”
If a malicious hacker were to discover the flaw, they could exploit it to access customer data, steal the company’s source code, and look for other vulnerabilities to exploit.
This line of credit will further strengthen the company's financial position as it continues on its mission to be the first and only solution provider to verify 100% of good identities in real-time and eliminate identity fraud on the internet.
Prometei, first observed in 2016, is a modular botnet that features a large repertoire of components and several proliferation methods, some of which also include the exploitation of ProxyLogon Microsoft Exchange Server flaws.
They do this using custom-created gaming apps that promise huge financial rewards directly proportional to investments to potential targets they've established trust with beforehand in lengthy online conversations.
Media and entertainment sector organizations worldwide are under attack by the threat actor using the Linux version of the IceFire ransomware. SentinelLabs first made this observation and found that criminals abused a deserialization bug in IBM Aspera Faspex file sharing software, tracked as CVE-2022-47986. Its Windows version is known to spread via phishing messages.
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network show more ...
This Metasploit module exploits CVE-2023-22952, a remote code execution vulnerability in SugarCRM 11.0 Enterprise, Professional, Sell, Serve, and Ultimate versions prior to 11.0.5 and SugarCRM 12.0 Enterprise, Sell, and Serve versions prior to 12.0.2.
Ubuntu Security Notice 5944-1 - It was discovered that SnakeYAML did not limit the maximal nested depth for collections when parsing YAML data. If a user or automated system were tricked into opening a specially crafted YAML file, an attacker could possibly use this issue to cause applications using SnakeYAML to show more ...
Red Hat Security Advisory 2023-1181-01 - OpenShift Serverless version 1.27.1 contains a moderate security impact. This release includes security and bug fixes, and enhancements.
Red Hat Security Advisory 2023-1179-01 - Red Hat OpenShift Serverless Client kn 1.27.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.27.1. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. This release includes security and bug fixes, and enhancements.
Red Hat Security Advisory 2023-1184-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Security Advisory 2023-1185-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.
Debian Linux Security Advisory 5371-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Ubuntu Security Notice 5942-1 - Lars Krapf discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain configurations. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server mod_proxy_uwsgi show more ...
A new variant of the Android banking trojan named Xenomorph has surfaced in the wild, the latest findings from ThreatFabric reveal. Named "Xenomorph 3rd generation" by the Hadoken Security Group, the threat actor behind the operation, the updated version comes with new features that allow it to perform financial fraud in a seamless manner. "This new version of the malware adds many new
A North Korean espionage group tracked as UNC2970 has been observed employing previously undocumented malware families as part of a spear-phishing campaign targeting U.S. and European media and technology organizations since June 2022. Google-owned Mandiant said the threat cluster shares "multiple overlaps" with a long-running operation dubbed "Dream Job" that employs job recruitment lures in
An updated version of a botnet malware called Prometei has infected more than 10,000 systems worldwide since November 2022. The infections are both geographically indiscriminate and opportunistic, with a majority of the victims reported in Brazil, Indonesia, and Turkey. Prometei, first observed in 2016, is a modular botnet that features a large repertoire of components and several proliferation
A suspecting China-linked hacking campaign has been observed targeting unpatched SonicWall Secure Mobile Access (SMA) 100 appliances to drop malware and establish long-term persistence. "The malware has functionality to steal user credentials, provide shell access, and persist through firmware upgrades," cybersecurity company Mandiant said in a technical report published this week. The
A coordinated international law enforcement exercise has taken down the online infrastructure associated with a cross-platform remote access trojan (RAT) known as NetWire. Coinciding with the seizure of the sales website www.worldwiredlabs[.]com, a Croatian national who is suspected to be the website's administrator has been arrested. While the suspect's name was not released, investigative
Multi-factor Authentication (MFA) has long ago become a standard security practice. With a wide consensus on its ability to fend off more than 99% percent of account takeover attacks, it's no wonder why security architects regard it as a must-have in their environments. However, what seems to be less known are the inherent coverage limitations of traditional MFA solutions. While compatible with
The boss of WhatsApp, the most popular messaging platform in the UK, says that it will not remove end-to-end encryption from the app to comply with requirements set out in the UK government's online safety bill. Learn more in my article on the Hot for Security blog.
Torrents on The Pirate Bay which claim to contain Final Cut Pro are instead being used to distribute cryptojacking malware to Macs.
